Garima Kakkar
GRC Security & Privacy Manager
SirionLabs
India
About Me
I started as a software engineer at PayU. Now I help engineering teams build products that are secure, private, and compliant by design. That early experience writing code taught me how engineers think about trade-offs, deadlines, and technical constraints. Today, as a Security & Privacy GRC Manager at SirionLabs, I use that foundation to translate security frameworks and compliance requirements into language that makes sense to the people actually building the product.
What my day looks like:
- Partnering with engineering teams to design security controls for cloud environments (AWS/Azure/GCP), from access management to encryption implementations
- Managing multi-framework compliance programs: ISO 27001/27018/27701, SOC 2 Type II, HIPAA, PCI-DSS, GDPR, and India's DPDPA
- Conducting security risk assessments, third-party vendor evaluations, and helping teams understand what "secure by design" means in practice
- Reviewing system architectures to identify both security and privacy implications before they become production issues
- Working with teams across 12+ jurisdictions to implement technical safeguards that protect data without breaking functionality
The work I'm proud of:
- Leading enterprise-wide security and compliance initiatives that reduced audit prep time while strengthening our actual security posture
- Achieving certifications across multiple frameworks by working with engineering teams, not against them
- Managing DPDPA readiness that addressed both legal requirements and underlying security controls
What I'm building toward:
- Automating security evidence collection and building continuous compliance monitoring tools
- Creating systems that make both security and privacy controls visible in real time, not just during audit season
What sets me apart:
- I remember what it's like to be on the engineering side when someone from "security and compliance" shows up
- I try to be the GRC person I would have wanted to work with as a developer
- Someone who understands technical constraints, helps solve problems, and offers practical security solutions instead of just pointing out risks
Experience Highlights
- Leading enterprise-wide security and compliance initiatives that reduced audit prep time while strengthening our actual security posture
- Achieving certifications across multiple frameworks by working with engineering teams, not against them
- Managing DPDPA readiness that addressed both legal requirements and underlying security controls